5d4dbd4358fe22417bafd0037a8c832a010471986df33f1091ac024d1baaf89c

Sharing

Copy URL Twitter E-mail

General

Target

5d4dbd4358fe22417bafd0037a8c832a010471986df33f1091ac024d1baaf89c
Size

85KB
MD5

485661a09d27d36211b1e23a7b465cdc
SHA1

d737d183d93e80578445a350dbb53cd0cce8efb7
SHA256

5d4dbd4358fe22417bafd0037a8c832a010471986df33f1091ac024d1baaf89c
SHA512

d03fed9d811abf3c686ad52f349d7e6e26465f4fedda4bf6383757e2e065f9bf3d634c94bd575748a9cda3dbdbe099d68863b855e53062d50dca64b7131b4eaa
SSDEEP

1536:4KnD5BPyvIvnYhf5rjcHlYlvMfYoLC/r/s04S+hroU87T:XnT5YR5MHlYiLC7s0grot

Score

N/A

Malware Config

Signatures

Files

5d4dbd4358fe22417bafd0037a8c832a010471986df33f1091ac024d1baaf89c
.exe windows x86

da5a12b222635e2aef1198ee62bc0642

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

memcmp
??0ofstream@@QAE@PBDHH@Z
_mbspbrk
??_Eistream_withassign@@UAEPAXI@Z
?sh_write@filebuf@@2HB
??6ostream@@QAEAAV0@D@Z
?seekpos@streambuf@@UAEJJH@Z
??4strstream@@QAEAAV0@AAV0@@Z
_initterm
?epptr@streambuf@@IBEPADXZ
?text@filebuf@@2HB
__wargv
_adj_fdivr_m32i
_write
??0fstream@@QAE@XZ

crypt32

CertCreateCTLEntryFromCertificateContextProperties
I_CryptUninstallAsn1Module
CertFindChainInStore
CryptSIPVerifyIndirectData
CryptExportPKCS8
CertGetCRLFromStore
CertCompareCertificate
CryptGetMessageSignerCount
I_CryptGetLruEntryIdentifier
CertEnumSubjectInSortedCTL
CertGetCertificateChain
CryptVerifyCertificateSignatureEx
CertIsRDNAttrsInCertificateName
I_CryptInsertLruEntry
CertAddCTLContextToStore
CertUnregisterSystemStore

opengl32

glPopClientAttrib
glRasterPos3i
GlmfInitPlayback
glNormalPointer
glTranslated
glPopName
wglGetCurrentDC
glTexCoord2fv
wglUseFontBitmapsA
glFrontFace
glTexCoord2s
wglSwapBuffers
glArrayElement
glRasterPos3d
glDepthFunc

msasn1

ASN1BERDecU16Val
ASN1BERDecBitString
ASN1char16string_free
ASN1CEREncChar16String
ASN1CEREncCharString
ASN1CEREncGeneralizedTime
ASN1BERDecLength
ASN1uint32_uoctets
ASN1ztchar32string_free
ASN1BEREncChar16String
ASN1BERDecGeneralizedTime
ASN1BERDecDouble
ASN1BERDecEndOfContents
ASN1BERDecCheck
ASN1BERDecEoid

kernel32

_lclose
ExitProcess
IsValidCodePage
CreateTimerQueue
GetDefaultCommConfigA
LZDone
LoadLibraryExA
SetThreadPriority
VirtualAlloc
EndUpdateResourceA
GetExpandedNameW
AllocConsole
Heap32First
WriteConsoleOutputAttribute
GetWindowsDirectoryW

user32

IsWindow
GetDC
GetWindowDC

odbcconf

DllUnregisterServer
ExecuteAction
AppRegEnum
OpenAppRegEnum
SetActionName
RunDLL32_RegisterApplication
UnregisterApplication
SetActionLogMode
RunDLL32_UnregisterApplication
DllCanUnloadNow
QueryApplication
SetSilent
CloseAppRegEnum
RefreshAppRegEnum

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Q1Wg331j
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat_50
Size: 23KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da5a12b222635e2aef1198ee62bc0642

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

crypt32

opengl32

msasn1

kernel32

user32

odbcconf

Sections

.text Size: 43KB - Virtual size: 42KB

Q1Wg331j Size: 15KB - Virtual size: 15KB

.idat_50 Size: 23KB - Virtual size: 45KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 336B

.text
Size: 43KB - Virtual size: 42KB

Q1Wg331j
Size: 15KB - Virtual size: 15KB

.idat_50
Size: 23KB - Virtual size: 45KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 336B